makepkg does not provide a convenient way of creating split packages

Yup, see this libtool commit, previously I had to move libraries
between $pkgdir and $srcdir to split packages, but since I added $splitpkgdir, I
can simply keep $pkgdir for running program author’s way of install and then move
content around by hand.

Neat, isn’t it? I think so as well, especially after seeing packaging results:

Imagine still having everything in one package - that’s where for example Arch Linux fails with
packages (friends reported Debian sid’s minimal install being smaller than Arch Linux’s - that is
without documentation and development headers/libraries)

Warm Linux splits packages so end users could keep their systems small as possible.

makepkg leaks system information

Dumping installed packages while packaging might sound great debugging resource for package
maintainers - which indeed, is sometimes really valuable information, can be used to mine data
from personal systems.

Consider this scenario:

Build server builds packages and hosts them over http(s) server.

Build server also runs outdated http(s) server, which is vulnerable and RCE can be done.

Of course, there are many different ways to protect build server and those are probably recommended over
simply hiding an information, but having potentially useful information hidden from prying eyes is the
first step of not getting targeted.